S. 2629 would direct the Department of Justice (DOJ) to enter into an agreement with the National Academy of Sciences to develop a classification system for categorizing different types of cybercrime. The National Academy of Sciences would be required to consult with relevant federal, state, local, and private-sector stakeholders and report on its system to the Congress within one year.
The act also would require the Bureau of Justice Statistics at DOJ to include questions on cybercrime victimization in its National Crime Victimization Survey. S. 2629 would authorize the appropriation of $1 million for the National Academy of Sciences project and $2 million for the Bureau of Justice Statistics survey. Using historical patterns of spending for similar programs and assuming appropriation of the authorized amounts, CBO estimates it would cost $3 million for DOJ to implement those requirements.
S. 2629 also would require DOJ to establish a cybercrime category within its National Incident-Based Reporting System, which collects data on crimes from federal, state, and local law enforcement agencies, and direct the Government Accountability Office (GAO) to report to the Congress on the effectiveness of cybercrime reporting in the United States within six months. DOJ is currently collecting data on cybercrimes within its reporting system. Based on information from the department, CBO estimates that the costs to DOJ to establish the cybercrime reporting category would not be significant over the 2022-2026 period. Additionally, based on the cost of similar activities, CBO estimates the cost to GAO for conducting its study would not be significant over the 2022-2026 period. Any such spending for these activities would be subject to the availability of appropriated funds.